Asterisk Project Security Advisory - CVE-2014-8150 reported an HTTP request injection vulnerability in libcURL. Asterisk uses libcURL in its func_curl.so module (the CURL() dialplan function), as well as its res_config_curl.so (cURL realtime backend) modules. Since Asterisk may be configured to allow for user-supplied URLs to be passed to libcURL, it is possible that an attacker could use Asterisk as an attack vector to inject unauthorized HTTP requests if the version of libcURL installed on the Asterisk server is affected by CVE-2014-8150.
29b34a38aceb27270a9742ce1a2328d92a59cc3a2103a91b0fcb2d89ef89580a
This advisory details a vulnerability found within Kaseya Browser Android application. A path traversal vulnerability was discovered within an exported content provider, resulting in the disclosure of arbitrary files, including internal application files.
cd0eed73304887bcbc11bac4f7dca27d8f196f11666aa9eebef47a9489785ca8
Pexip Infinity versions prior to 8 fail to generate unique SSH host keys.
43c60a3a4da895b0ff05a3e455fad08e342cad1275ea6870cdccf41b80f4520e
MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities.
66702fafa02a9dbc923285c073b3f395b675adad64da5dfa2394ca10e6440fd2
This advisory details multiple vulnerabilities found within the Kaseya BYOD Gateway software. By chaining a combination of lacking SSL verification, poor authentication mechanisms and arbitrary redirection vulnerabilities, a malicious entity may potentially compromise any Kaseya BYOD installation. The Kaseya BYOD Gateway software uses a redirection feature, wherein users are redirected to their local Kaseya installation via Kaseya's hosted servers. The update request from the BYOD Gateway software to the Kaseya hosted servers was not found to verify SSL certificates and fails to implement any form of authentication, instead relying on the length of the gateway identifier to provide security. Thus, the security of the solution depends on an attacker's ability to enumerate the gateway identifier. Once a malicious user enumerates the Gateway identifier, then they may update the redirect rule for that customer in Kaseya's hosted servers, redirecting customers to a malicious Kaseya BYOD Gateway. Version 7.0.2 is affected.
84b242264d948879e1883fb40c965edd3e0f9240397d1c5870d701482625f9be
ManageEngine Firewall Analyzer versions 8.0 and below suffer from cross site scripting and directory traversal vulnerabilities.
6ee156b0d54a8f1ed09c9f4838b7ee5144db4b15ab8239f4c4fb15af63710762
Multiple direct object reference vulnerabilities were found within the AirWatch cloud console. VMWare advised that these issues also affect on-premise AirWatch deployments. A malicious AirWatch user may leverage several direct object references to gain access to information regarding other AirWatch customers using the AirWatch cloud. This includes viewing groups and downloading private APKs belonging to other organizations.
5468547ad7baa8b8e0d41f706bd7a80458d99dc96cd25a19ec2e1b6344263f4f
UniPDF version 1.1 suffers from a buffer overflow vulnerability. This is a SEH overwrite denial of service proof of concept exploit.
7c9adc7186397aed0cb3bfb2dfaacca61f412e296b377460a47fa10b0f8d7d95
There is an authentication bypass vulnerability in ClearSCADA that can be exploited by triggering an exception in dbserver.exe and taking advantage of the way the program handles it.
7297622cf93f018ee50d502b4deb7ac9d83396bceed64caa328eab02705135a7
Slackware Security Advisory - New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and 14.1 to fix a security issue.
3d6fcd881648b54bc54e46c4ef60b3519d0791bdbb5d2cd4595f585e0f842fc9
ManageEngine OpManager, Applications Manager, and IT360 suffer from arbitrary file download, directory content disclosure, and blind SQL injection vulnerabilities.
673d176c6994825278245d24a4e3dd01607a5db291f3f9c6d510ddb9184591fa
Fortinet FortiOS with firmware 5.0 build 4457 (GA Patch 7) suffers from a CAPWAP daemon DTLS denial of service vulnerability and man-in-the-middle vulnerability.
1d7eabcba5b448e1f50b41f696a137829a3448ee8819d84a471f0f1752e6f73c
Fortinet FortiClient suffers from broken SSL certificate validation and hardcoded encryption key vulnerabilities. This affects FortiClient iOS version 5.2.028 and FortiClient Android version 5.2.3.091.
89b742d1f97f2adee5b04d0eebd11f2dfb73e303bea379908618783f651c1060
The tcpip.sys driver fails to sufficiently validate memory objects used during the processing of a user-provided IOCTL. By crafting an input buffer that will be passed to the Tcp device through the NtDeviceIoControlFile() function, it is possible to trigger a vulnerability that would allow an attacker to elevate privileges. Proof of concept exploit included.
9d61f1a5823955c19741ad2d57e256f3641cf2f035e04e442eac8b77fd3054ea
Asterisk Project Security Advisory - Asterisk may be configured to only allow specific audio or video codecs to be used when communicating with a particular endpoint. When an endpoint sends an SDP offer that only lists codecs not allowed by Asterisk, the offer is rejected. However, in this case, RTP ports that are allocated in the process are not reclaimed. This issue only affects the PJSIP channel driver in Asterisk. Users of the chan_sip channel driver are not affected. As the resources are allocated after authentication, this issue only affects communications with authenticated endpoints.
e9d6055114e8feed6c629f9b504bd51b2f5d85998f7eb3481512d7fdd54bfc05
SupportCenter Plus version 7.9 suffers from a cross site scripting vulnerability.
d131e51f9d4f84b47ce89564902bd285461a72417d6720d9dc2d4bb58a8e2a66
Fortinet FortiAuthenticator suffers from subshell bypass, cross site scripting, password disclosure, and file disclosure vulnerabilities.
2316f48a2a964f620060702d77fc255206e56d4b01b414a4518441e617b7964e
Blubrry PowerPress version 6.0 suffers from a cross site scripting vulnerability.
a72310b5a80497f919f65c7d62fb01deeafbb3b70942d303e143f5a6101df8a2
Cisco Meraki Systems Manager suffers from cross site request forgery, abuse of functionality, and cross site scripting vulnerabilities.
9c34baf2089dd34e016937a33e17e5155490db6c285d7340f4b9688fcc63d496
Cisco Security Advisory - On January 27, 2015, a buffer overflow vulnerability in the GNU C library (glibc) was publicly announced. This vulnerability is related to the various gethostbyname functions included in glibc and affect applications that call these functions. This vulnerability may allow an attacker to obtain sensitive information from an exploited system or, in some instances, perform remote code execution with the privileges of the application being exploited. The glibc library is a commonly used third-party software component that is released by the GNU software project and a number of Cisco products are likely affected. This advisory will be updated as additional information becomes available. Cisco will release free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
2e0026b3d1367be53ce21e71b130653197f3f5ca3990e8209a45096c3c52ad87
WordPress Geo Mashup plugin versions 1.8.2 and below suffer from a cross site scripting vulnerability.
f7fa1ff3301b956e7f022f4b40335250c37a4a7d39eaadff8a0681bf634e9fef
WordPress Photo Gallery plugin version 1.2.8 suffers from a cross site scripting vulnerability.
5e09f504c2a41251b089a8e7c0f3be0f49c6c8b6a0af82aca50dfdce76422a3c
WordPress Photo Gallery plugin version 1.2.8 suffers from a remote SQL injection vulnerability.
bc5f2f631b044356d69b3727c7d0fcafc45bec4fe1e1517bae82f5dc5e56b314
Exim ESTMP denial of service exploit that leverages the GHOST glibc gethostbyname buffer overflow.
5ecc35645890c0c48e753cb63b2c03579f6cc942a311b5aad37e578368a54b58
A malicious Jar file can bypass all OS X Gatekeeper warnings and protections, allowing a remote attacker to execute arbitrary unsigned code downloaded by the user. Java must be installed on the victim's machine.
12bedb80e935c14c525f7aca1139b70f471d66838a84cc908b3de4717f0877b1